The group relies heavily on "stealer logs," archives of credentials harvested by infostealers like Lumma or StealC. These logs are used to gain initial access to corporate Jira instances.
Exfiltrated hundreds of gigabytes of source code and employee credentials.
The Hellcat group (formerly known as ICA Group) is led by threat actors using the aliases and Rey. They are known for "humiliation tactics," publicly pressuring victims on leak sites and demanding ransoms in various forms, including unconventional requests like "baguettes" (referring to a specific cryptocurrency or a sarcastic demand during the Schneider Electric breach).
If necessary for research, use sandboxes like Joe Sandbox or Any.Run to observe behavior without risk to your network.
While a specific public analysis for a file named exactly "pdhellcat.rar" is not widely indexed, archives with similar naming conventions in this context typically serve one of three purposes: